Someone is using my domain name to send spam

Discussion in 'Internet, Connectivity and Communications' started by Frontier, Jun 23, 2006.

  1. Frontier

    Frontier Byte Poster

    I've recently started receiving a lot of returned emails where it looks as though someone has tried to send spam using my domain name. The emails come back to my Yahoo account as delivery failed. The email messages have a random name followed by @mydomain.com in the to: part, where mydomain is the name of my domain. I'm not quite sure why this is happening or what is going on. If people are receiving spam from my domain, how is this being done and will my site get a bad name? Is there anything I can do to stop this and do I need to worry? Please help.
     
  2. csx

    csx Megabyte Poster

    You can spoof emails. So someone might have spoofed your domain and be sending loads of crap to other people.

    So then when the mail doesn't get delivered, it returns it to the @domain in the mail.

    So basically you're getting the delivery failed messages.

    However this might not be the case and someone might be using your domain.
     
    Certifications: A+, Network+, 70-271 & 70-272, CCENT, VCP5-DCV and CCNA
    WIP: Citrix
  3. Frontier

    Frontier Byte Poster

    Thanks for the quick response. Whenever I get an email sent back it has a different name followed by @mydomain.com.

    The only email account I have set up is [email protected]. So far this account, as far as I'm aware, has not been used, but I'll become very concerned if it does.

    The emails are all exactly the same. Someone trying to flog Viagra or something LOL. As you can imagine, not going to give my site a very good image if these messages are being sent out.

    I appreciate any help that can be given with this.
     
  4. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    email spoofing is as old as ... uhm ... the internet? until they come up with a better protocol, there is nothing you can do about it.

    however, as a side note, email spoofing sometimes (but by far not always) starts with a virus infected machine. the virus searches the machine for an address book, or a contact list, and uses those names and addresses, or variations of them, to send out spam. now, as you can see, this means that the virus could be sending out spam not only as somename @ yourdomain.com, but also as somename @ yourfriendsdomain.com, simply because it found that in your contact list. similarly, this also means that the virus infected machine does not necessarily have to be yours. yourdomain.com could be stored in an address book of one of your friends, family members, or business contacts.

    some of the undelivered messages might include the original mail (being the spoofed one) as an attachment. you might try to open that to see if you can extract the headers. that might give you a clue of the originating ip address. of course, by opening the spoofed message you are in danger of getting infected, so only do that when you are offline, and when you are confident in your antivirus tool.
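
An added example, not part of d-Faktor's post: reading the headers of the original message attached to a bounce with Python's standard `email` parser, which treats the attachment as inert text instead of opening it in a mail client. The sample bounce, `example.com` and the IP addresses are constructed placeholders.

```python
import email
import re
from email import policy

# Constructed sample bounce: example.com stands in for the spoofed domain,
# and the IPs are RFC 5737 documentation addresses.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
To: qzxv@example.com
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

User unknown.
--b1
Content-Type: message/rfc822

Received: from mail.example.com (unknown [203.0.113.45])
\tby mx.example.net with SMTP; Fri, 23 Jun 2006 10:00:00 +0000
Received: from localhost ([192.0.2.1]) by mail.example.com
From: qzxv@example.com
Subject: cheap pills

buy now
--b1--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def original_message(bounce_text):
    """Parse the bounce as inert text and return the embedded message, or None."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def received_hops(bounce_text):
    """(claimed_name, recorded_ip) per Received header, newest hop first.
    Hops below the top one arrived with the message and can be forged."""
    orig = original_message(bounce_text)
    hops = []
    for hdr in (orig.get_all("Received", []) if orig else []):
        text = " ".join(str(hdr).split())
        ip = IP_RE.search(text)
        name = text.split()[1] if text.startswith("from ") else None
        hops.append((name, ip.group(1) if ip else None))
    return hops
```

In the top entry the name is whatever the sending machine claimed, while the IP is what the bouncing server recorded for the connection.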
     
  5. Frontier

    Frontier Byte Poster

    Is there anything I could have done to prevent this, or am I just unlucky? I'm wondering if perhaps any messages are being sent out at all if I'm getting so many failed deliveries sent to me. Should I just not worry about it?
     
  6. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    assuming this was not started by a virus infected machine on your own network, which as i explained is possible, but unlikely, there is very little you can do about it, and there is very little you could have done to prevent it. shite happens. i've had this problem on and off for about 6 or 7 years now. just throw away the 'undelivered' messages, and live with it. there's only one thing you need to be aware of, and that is that if there was a big spam run used with just your domain name, then the domain name could end up blacklisted. you'll find that out soon enough when your own valid mails return undelivered. but chances of that happening are low as well.
     
